SumoLogic
diff --git a/‎CHANGELOG.md‎
Lines changed: 4 additions & 1 deletion b/‎CHANGELOG.md‎
Lines changed: 4 additions & 1 deletion
diff --git a/‎sumologic/provider.go‎
Lines changed: 1 addition & 0 deletions b/‎sumologic/provider.go‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎sumologic/resource_sumologic_dashboard_test.go‎
Lines changed: 17 additions & 8 deletions b/‎sumologic/resource_sumologic_dashboard_test.go‎
Lines changed: 17 additions & 8 deletions
diff --git a/‎sumologic/resource_sumologic_permissions.go‎
Lines changed: 199 additions & 0 deletions b/‎sumologic/resource_sumologic_permissions.go‎
Lines changed: 199 additions & 0 deletions
@@ -1,4 +1,7 @@
-## 2.12.1 (Unreleased)
+## 2.13.0 (Unreleased)
+
+FEATURES:
+* **New Resource:** sumologic_content_permission (GH-340)
 
 ENHANCEMENTS:
 * Add support for importing folder resource (GH-345)
 
@@ -96,6 +96,7 @@ func Provider() terraform.ResourceProvider {
 			"sumologic_token":                              resourceSumologicToken(),
 			"sumologic_policies":                           resourceSumologicPolicies(),
 			"sumologic_hierarchy":                          resourceSumologicHierarchy(),
+			"sumologic_content_permission":                 resourceSumologicPermissions(),
 		},
 		DataSourcesMap: map[string]*schema.Resource{
 			"sumologic_cse_log_mapping_vendor_product": dataSourceCSELogMappingVendorAndProduct(),
 
@@ -24,11 +24,10 @@ func TestAccSumologicDashboard_basic(t *testing.T) {
 	testNameSuffix := acctest.RandString(16)
 	title := "terraform_test_dashboard_" + testNameSuffix
 
-	var dashboard Dashboard
 	resource.Test(t, resource.TestCase{
 		PreCheck:     func() { testAccPreCheck(t) },
 		Providers:    testAccProviders,
-		CheckDestroy: testAccCheckDashboardDestroy(dashboard),
+		CheckDestroy: testAccCheckDashboardDestroy(),
 		Steps: []resource.TestStep{
 			{
 				Config: dashboardImportConfig(title),
@@ -81,7 +80,7 @@ func TestAccSumologicDashboard_create(t *testing.T) {
 	resource.Test(t, resource.TestCase{
 		PreCheck:     func() { testAccPreCheck(t) },
 		Providers:    testAccProviders,
-		CheckDestroy: testAccCheckDashboardDestroy(dashboard),
+		CheckDestroy: testAccCheckDashboardDestroy(),
 		Steps: []resource.TestStep{
 			{
 				Config: dashboardCreateConfig(title, description, theme, refreshInterval,
@@ -211,7 +210,7 @@ func TestAccSumologicDashboard_update(t *testing.T) {
 	resource.Test(t, resource.TestCase{
 		PreCheck:     func() { testAccPreCheck(t) },
 		Providers:    testAccProviders,
-		CheckDestroy: testAccCheckDashboardDestroy(dashboard),
+		CheckDestroy: testAccCheckDashboardDestroy(),
 		Steps: []resource.TestStep{
 			{
 				Config: dashboardCreateConfig(title, description, theme, refreshInterval,
@@ -301,12 +300,22 @@ func TestAccSumologicDashboard_update(t *testing.T) {
 	})
 }
 
-func testAccCheckDashboardDestroy(dashboard Dashboard) resource.TestCheckFunc {
+func testAccCheckDashboardDestroy() resource.TestCheckFunc {
 	return func(s *terraform.State) error {
 		client := testAccProvider.Meta().(*Client)
-		_, err := client.GetDashboard(dashboard.ID)
-		if err == nil {
-			return fmt.Errorf("Dashboard (id=%s) still exists", dashboard.ID)
+		for _, r := range s.RootModule().Resources {
+			if r.Type != "sumologic_dashboard" {
+				continue
+			}
+
+			id := r.Primary.ID
+			dashboard, err := client.GetDashboard(id)
+			if err != nil {
+				return fmt.Errorf("Encountered an error: " + err.Error())
+			}
+			if dashboard != nil {
+				return fmt.Errorf("Dashboard (id=%s) still exists", id)
+			}
 		}
 		return nil
 	}
 
@@ -0,0 +1,199 @@
+package sumologic
+
+import (
+	"errors"
+	"log"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
+)
+
+func resourceSumologicPermissions() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceSumologicPermissionsCreate,
+		Read:   resourceSumologicPermissionsRead,
+		Delete: resourceSumologicPermissionsDelete,
+		Update: resourceSumologicPermissionsUpdate,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+
+		Schema: map[string]*schema.Schema{
+			"content_id": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+			"notify_recipient": {
+				Type:     schema.TypeBool,
+				Required: true,
+			},
+			"notification_message": {
+				Type:     schema.TypeString,
+				Optional: true,
+				Default:  "",
+			},
+			"permission": {
+				Type:     schema.TypeSet,
+				Required: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"permission_name": {
+							Type:     schema.TypeString,
+							Required: true,
+							ValidateFunc: validation.StringInSlice(
+								[]string{"View", "GrantView", "Edit", "GrantEdit", "Manage", "GrantManage"}, false),
+						},
+						"source_type": {
+							Type:         schema.TypeString,
+							Required:     true,
+							ValidateFunc: validation.StringInSlice([]string{"user", "role", "org"}, false),
+						},
+						"source_id": {
+							Type:     schema.TypeString,
+							Required: true,
+						},
+					},
+				},
+			},
+		},
+	}
+}
+
+func resourceSumologicPermissionsCreate(d *schema.ResourceData, meta interface{}) error {
+	c := meta.(*Client)
+
+	if d.Id() == "" {
+		id, err := c.UpdatePermissions(PermissionsRequest{
+			Permissions: resourceToPermissionsArray(d.Get("permission").(*schema.Set),
+				d.Get("content_id").(string)),
+			NotifyRecipients:    d.Get("notify_recipient").(bool),
+			NotificationMessage: d.Get("notification_message").(string),
+		}, d.Get("content_id").(string))
+
+		if err != nil {
+			return err
+		}
+		d.SetId(id)
+	}
+
+	return resourceSumologicPermissionsRead(d, meta)
+}
+
+func resourceSumologicPermissionsRead(d *schema.ResourceData, meta interface{}) error {
+	c := meta.(*Client)
+
+	var permissionsResponse *PermissionsResponse
+	id := d.Id()
+
+	permissionsResponse, err := c.GetPermissions(id)
+	if err != nil {
+		log.Printf("[WARN] Error getting permissions for content(id=%s), err: %v", id, err)
+		return err
+	}
+
+	if permissionsResponse == nil {
+		log.Printf("[WARN] Permissions not found for content(id=%s), removing from state. err: %v",
+			id, err)
+		d.SetId("")
+		return nil
+	}
+
+	creatorId, err := getCreatorId(id, meta)
+	if err != nil {
+		log.Printf("[ERROR] Cannot find owner of content %s", id)
+		return err
+	}
+
+	d.Set("permission",
+		permissionsArrayToResource(permissionsResponse.ExplicitPermissions, creatorId))
+	log.Printf("[WARN] Content id %v", d.Get("content_id"))
+
+	return nil
+}
+
+func resourceSumologicPermissionsDelete(d *schema.ResourceData, meta interface{}) error {
+	resourceSumologicPermissionsRead(d, meta)
+	c := meta.(*Client)
+	permissionRequest, err := resourceToPermissionRequest(d)
+	if err != nil {
+		return err
+	}
+	return c.DeletePermissions(permissionRequest, d.Get("content_id").(string))
+}
+
+func resourceSumologicPermissionsUpdate(d *schema.ResourceData, meta interface{}) error {
+	c := meta.(*Client)
+	permissionRequest, err := resourceToPermissionRequest(d)
+	if err != nil {
+		return err
+	}
+	resourceSumologicPermissionsDelete(d, meta)
+	if _, err = c.UpdatePermissions(permissionRequest, d.Id()); err != nil {
+		return err
+	}
+	return resourceSumologicPermissionsRead(d, meta)
+}
+
+func getCreatorId(contentId string, meta interface{}) (string, error) {
+	c := meta.(*Client)
+	path, err := c.GetContentPath(contentId)
+	if err != nil {
+		log.Printf("[ERROR] Cannot get path for content %s - %v", contentId, err)
+		return "", err
+	}
+
+	creatorId, err := c.GetCreatorId(path)
+	if err != nil {
+		log.Printf("[ERROR] Cannot find owner of content %s - %v", contentId, err)
+		return "", err
+	}
+	log.Printf("[DEBUG] content=%s, path='%s', owner=%s", contentId, path, creatorId)
+	return creatorId, nil
+}
+
+func resourceToPermissionsArray(resourcePermissions *schema.Set, contentId string) []Permission {
+	result := make([]Permission, resourcePermissions.Len())
+
+	for i, resourcePermission := range resourcePermissions.List() {
+		PermissionMap := resourcePermission.(map[string]interface{})
+		result[i] = Permission{
+			PermissionName: PermissionMap["permission_name"].(string),
+			SourceType:     PermissionMap["source_type"].(string),
+			SourceId:       PermissionMap["source_id"].(string),
+			ContentId:      contentId,
+		}
+	}
+
+	return result
+}
+
+func permissionsArrayToResource(permissions []Permission, creatorId string) []map[string]interface{} {
+
+	result := make([]map[string]interface{}, 0)
+
+	for _, permission := range permissions {
+		if permission.SourceType == "user" && permission.SourceId == creatorId {
+			continue
+		}
+		result = append(result, map[string]interface{}{
+			"permission_name": permission.PermissionName,
+			"source_type":     permission.SourceType,
+			"source_id":       permission.SourceId,
+		})
+	}
+
+	return result
+}
+
+func resourceToPermissionRequest(d *schema.ResourceData) (PermissionsRequest, error) {
+	id := d.Id()
+	if id == "" {
+		return PermissionsRequest{}, errors.New("premission resource id not specified")
+	}
+
+	return PermissionsRequest{
+		Permissions:         resourceToPermissionsArray(d.Get("permission").(*schema.Set), id),
+		NotifyRecipients:    d.Get("notify_recipient").(bool),
+		NotificationMessage: d.Get("notification_message").(string),
+	}, nil
+}